In recent years, attempts have been made to develop techniques for protecting application programs by means of software in order to prevent the application programs, which include confidential data, from being analyzed in an unauthorized manner by a malicious third party (hereinafter “attacker”) (Patent Literatures 1 and 2).
Examples of such techniques for protecting application programs by means of software include tampering verification and decryption load function. The tampering verification is performed with use of hash values of the application programs. The decryption load function is a function to encrypt the application programs and store the encrypted application programs when the application programs are not used, and to decrypt the encrypted application programs and load the application programs into a memory only when the application programs are used.
However, even when such techniques are used, if the very software used to protect the application programs (hereinafter “protection control module”) is tampered with by an attacker, the application programs are subjected to an attack by the attacker. To counter such an attack, tampering detection of the protection control module is performed with use of a detection module (Patent Literatures 2 and 3).
The detection module detects tampering of the protection control module by reading all data constituting the protection control module and calculating a MAC (Message Authentication Code) value.